This series is for educational purposes only. To get back to top-level table click [here]().
With hardware you want to ensure no action you take involves a component that has any trace to you. You’re worried about the machine you’re using being taken and used to link you to a fingerprint you’ve left online somewhere. You’re worried about a fingerprint including hardware details left online somewhere being able to map back to you.
If you don’t take the correct measures, the following information could be used to identify you:
- MAC address of network cards
- Serial numbers of any components
You should always operate on the assumption that these are obtainable pieces of information. That doesn’t mean you should freely share them, or not try to prevent the sharing of them. If you make one wrong move one time, these can be obtained. It only takes one slip to burn you! So, if we build our process on the assumption that they will leak, we can prevent any actual damage. In the case that any of these are obtained - we trash everything and start from step 1.
Following these steps will provide you with a secure base for the rest of your OpSec practices.
There cannot be any paper record of this purchase. You should take any possible steps to ensure that this machine could not possibly be linked to you.
- Do not get it shipped to an address you own or could be related to in any way
- Do not buy it with crypto that is actually traceable (Bitcoin is not completely safe, be careful!)
- Do not walk into a box store and purchase (cameras)
My recommendation is to buy from a local classifieds site:
- Browse as anonymously as possible
- Don’t create an account
- Use a burner email to organize an in-person transaction. Something like temp-mail.org will work.
- Pay with cash, in my opinion requesting a transaction with Monero or another privacy oriented crypto will raise alarm bells in the sellers head.
Now that you’ve got a machine, you need to clean it and de-weaponize it.
If you’re really worried about your supplier - tear down the machine and compare it to available schematics for the model. This is likely completely unnecessary.
What you do want to do is disable the microphone and camera. I recommend opening the device and disconnecting power/data lines. You can lookup a replacement guide for the microphone or camera to figure out how to access the hardware. Once you figure out where it is, determine the easiest place to disable it. Likely with a compact device these are connect to the motherboard either with Micro JST or Ribbon cable. You can simply unplug these from the motherboard and you’re safe.
$ cd content && tree